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DETAILED ACTION 

1 . Claims 1- 38 are pending for examination. 

2. Claims 1- 38 are rejected. 



Claim Rejections - 35 USC §102 

The following is a quotation of the appropriate paragraphs of 35 U.S. C. 102 that form the 
basis for the rejections under this section made in this Office action: 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 35 1(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 2 1(2) of such treaty in the English language. 

3. Claims 1-6,15-22,26-33 are rejected under 35 U.S.C. 102(e) as being anticipated by 
Fischer, U.S. Patent 5,659,617. 

4. As per claim 1; "A method for protecting electronic files, comprising: obtaining 
environment information regarding a computer, the environment information including data 
concerning an operating, environment of the computer [col. 1, lines 5-col. 4,line 27, whereas 
environment information regarding a computer clearly deals with its physical location during 
access (i.e., to files via standard log-in/log-on) via the LCU based certificate aspect]; generating 
an encryption key based on the environment information [col. 1, lines 5-col. 4,line 27, whereas 
physical location aspect of the LCU is public key based (i.e., col. 3,lines 15-col. 4,line 10) 
because the certificate is public key based (the key certified by virtue of the certificate).]; and 
encrypting an electronic file using the encryption key [col. 1, lines 5-col. 4,line 27, whereas the 
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encryption is public key based (the encryption key certified by virtue of the certificate (i.e., col. 
2,lines 35-65).].". 

5. Claim 2 additionally recites the limitation that; "A method as recited in claim 1, further 
comprising the operation of creating a decryption key based on environment information, 
wherein the decryption key can be utilized to decrypt the electronic file ". The teachings of 
Fischer suggest such limitations (col. 1, lines 5-col. 4,line 27, whereas the encryption and 
associated decryption is public key based (the encryption key certified by virtue of the certificate 
(i.e., col. 2,lines 35-65) which is certified to assure proper association of the public (i.e., 
encryption) and private (i.e., decryption) keys in public key based cryptographic functionality.). 

6. Claim 3 additionally recites the limitation that; "A method as recited in claim 2, wherein 
the encryption key and the decryption key are public key infrastructure (PKI) based keys.". The 
teachings of Fischer suggest such limitations (col. l,lines 5-col. 4,line 27, whereas the encryption 
and associated decryption is public key based (the encryption key certified by virtue of the 
certificate (i.e., col. 2,lines 35-65) which is certified to assure proper association of the public 
(i.e., encryption) and private (i.e., decryption) keys in public key based cryptographic 
functionality.). 

7. Claim 4 additionally recites the limitation that; "A method as recited in claim 1, wherein 
the environment information includes location information of the computer.". The teachings of 
Fischer suggest such limitations (col. 1, lines 5-col. 4,line 27, whereas environment information 
regarding a computer clearly deals with its physical location during access (i.e., to files via 
standard log-in/log-on) via the LCU based certificate aspect.). 
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8. Claim 5 additionally recites the limitation that; "A method as recited in claim 4, wherein 
the location information specifies a location of the computer within a predetermined range.". The 
teachings of Fischer suggest such limitations (col. 1, lines 5-col. 4,line 27, whereas environment 
information regarding physical location via the LCU based certificate aspect is such that the GPS 
accuracy and inherent tolerance of timing (i.e., col. 5,lines 9-col. 9,line 31, beacon/clock timing) 
errors clearly allows for the location information specifies a location of the computer within a 
predetermined range.). 

9. Claim 6 additionally recites the limitation that; "A method as recited in claim 5, wherein 
the location information is provided by global positioning satellite (GPS) data ". The teachings 
of Fischer suggest such limitations (col. l,lines 5-col. 4,line 27, whereas environment 
information regarding physical location via the LCU based certificate aspect is GPS based.). 

10. As per claim 15; "A method for protecting electronic files, comprising: storing an 
electronic file encrypted using an encryption key, wherein the encryption key is generated using 
a first environment profile of a computer, and wherein the environment profile includes data 
concerning an operating environment of the computer [col. 1, lines 5-col. 4,line 27, whereas 
environment information regarding a computer clearly deals with its physical location during 
access (i.e., to encrypted and clearly stored files via standard log-in/log-on) via the LCU based 
certificate aspect. Further, the physical location aspect of the LCU is public key based (i.e., col. 
3,lines 1 5-col. 4,line 10) because the certificate is public key based (the key certified by virtue of 
the certificate), and the encryption is public key based (the encryption key certified by virtue of 
the certificate (i.e., col. 2,lines 35-65).]; obtaining a second environment profile of the computer 
based on a current operating environment of the computer [col. 1, lines 5-col. 4,line 27, whereas 
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environment information regarding a computer clearly deals with its physical location during 
access (i.e., during second operating environment of the computer data collection for the purpose 
of comparison of profile information for the explicit purpose of file access of to encrypted and 
clearly stored files via standard log-in/log-on) via the LCU based certificate aspect]; generating a 
decryption key based on the second environment profile: and decrypting the electronic file using 
the decryption key [col. 1, lines 5-col. 4,line 27, whereas the encryption and associated 
decryption is public key based (the encryption key certified by virtue of the certificate (i.e., col. 
2,lines 35-65) which is certified to assure proper association of the public (i.e., encryption) and 
private (i.e., decryption) keys in public key based cryptographic functionality.].". 

11. Claim 16 additionally recites the limitation that; "A method as recited in claim 15, 
wherein the encryption key and the decryption key are further based on a passcode received from 
a user.". The teachings of Fischer suggest such limitations (col. l,lines 5-coL 4,line 27, whereas 
the public key based encryption key certified by virtue of the certificate (i.e., col. 2,lines 35-65), 
and further layered access control derived from using said certificate, is associated with the use 
of PIN/password functionality for the LCU (i.e., col. 3,lines 63-col. 4,line 10, col. 10,lines 45- 
col. 1 l,line 5).). 

12. Claim 17 additionally recites the limitation that; "A method as recited in claim 16, 
further comprising the operation of appending the first environment profile to the passcode to 
generate the encryption key". The teachings of Fischer suggest such limitations (col. l,lines 5- 
col. 4,line 27, whereas the public key based encryption key certified by virtue of the certificate 
(i.e., col. 2,lines 35-65), and further layered access control derived from using said certificate, is 
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associated with the use of PIN/password functionality for the LCU (i.e., col. 3,lines 63-col. 4,line 
10, col. 10,lines45-col. Il,line5).). 

13. Claim 18 additionally recites the limitation that; "A method as recited in claim 17, 
further comprising the operation of appending the current environment profile to the passcode to 
generate the decryption key". The teachings of Fischer suggest such limitations (col. l,lines 5- 
col. 4,line 27, whereas the public key based encryption key certified by virtue of the certificate 
(i.e., col. 2,lines 35-65), and further layered access control derived from using said certificate, is 
associated with the use of PIN/password functionality for the LCU (i.e., col. 3,lines 63-col. 4,line 
10, col. 10,lines45-col. ll,line 5).). 

14. Claim 19 additionally recites the limitation that; "A method as recited in claim 18, 
wherein the decryption key cannot decrypt the electronic file when the current environment 
profile does not match the first environment profile.". The teachings of Fischer suggest such 
limitations (col. 1, lines 5-col. 4,line 27, whereas the public key based encryption key certified by 
virtue of the certificate (i.e., col. 2,lines 35-65), and further layered access control derived from 
using said certificate, is associated with the use of PIN/password functionality for the LCU (i.e., 
col. 3,lines 63-col. 4,line 10, col. 10,lines 45-col. ll,line 5).). 

15. Claim 20 additionally recites the limitation that; "A method as recited in claim 19, 
wherein a match occurs when the data in the current environment profile is within a 
predetermined range of the data in the first environment profile.". The teachings of Fischer 
suggest such limitations (col. 1, lines 5-col. 4,line 27, whereas the public key based encryption 
key certified by virtue of the certificate (i.e., col. 2,lines 35-65), and further layered access 
control derived from using said certificate, is associated with the use of PIN/password 
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functionality for the LCU (i.e., col. 3,lines 63-col. 4,line 10, col. 10,lines 45-col. 1 l,line 5). 
Further, whereas the aspect of the environment information regarding physical location via the 
LCU based certificate is such that the GPS accuracy and inherent tolerance of timing (i.e., col. 
5, lines 9-col. 9,line 3 1, beacon/clock timing) errors clearly allows for the location information 
specifies a location of the computer within a predetermined range.). 

16. Claim 21 additionally recites the limitation that; "A method as recited in claim 1 5, 
wherein the environment profile includes location information specifying a location of the 
computer within a predetermined range.". The teachings of Fischer suggest such limitations (col. 
1, lines 5-col. 4,line 27, whereas environment information regarding physical location via the 
LCU based certificate aspect is such that the GPS accuracy and inherent tolerance of timing (i.e., 
col. 5,lines 9-col. 9,line 31, beacon/clock timing) errors clearly allows for the location 
information specifies a location of the computer within a predetermined range.). 

17. Claim 22 additionally recites the limitation that; "A method as recited in claim 21, 
wherein the location information is provided by global positioning satellite (GPS) data.". The 
teachings of Fischer suggest such limitations (col. 1, lines 5-col. 4,line 27, whereas environment 
information regarding physical location via the LCU based certificate aspect is GPS based ). 

18. As per claim 26; "A method for protecting electronic files comprising; authenticating a 
digital transaction using a delay number based on a timing signal received from a remote source 
[col. 1, lines 5-col. 4,line 27, whereas environment information regarding a computers physical 
location as a function of GPS (i.e., col. 2,lines 3-19, col. 4,lines 27-coL 5,line 22) via the LCU 
based certificate clearly uses remote source (GPS satellite transmission) to LCU (receiving said 
transmission) as a delay number based on a timing signal.]; obtaining environment information 
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regarding a computer, the environment information including data concerning an operating 
environment of the computer [col. 1, lines 5-col. 4,line 27, whereas environment information 
regarding a computer clearly deals with its physical location during access (i.e., to files via 
standard log-in/log-on) via the LCU based certificate aspect]; generating an encryption key based 
on the environment information [col. 1, lines 5-col. 4,line 27, whereas physical location aspect of 
the LCU is public key based (i.e., col. 3,lines 15-col; 4,line 10) because the certificate is public 
key based (the key certified by virtue of the certificate).]; and encrypting an electronic file using 
the encryption key [col. 1, lines 5-col. 4,line 27, whereas the encryption is public key based (the 
encryption key certified by virtue of the certificate (i.e., col. 2,lines 35-65).].". 

19. Claim 27 additionally recites the limitation that; "A method as recited in claim 26, 
wherein the delay number is based on a delay time period between when the timing signal was 
transmitted and when the timing signal was received.". The teachings of Fischer suggest such 
limitations (col. 1, lines 5-col. 4,line 27, whereas environment information regarding a computers 
physical location as a function of GPS (i.e., col. 2,lines 3-19, col. 4,lines 27-col. 5,line 22) via 
the LCU based certificate clearly uses remote source (GPS satellite transmission) to LCU 
(receiving said transmission) as a delay number based on a timing signal.). 

20. Claim 28 additionally recites the limitation that; "A method as recited in claim 27, 
wherein the delay in the timing signal is caused by free electrons in a line of sight between the 
remote source and a receiver.". The teachings of Fischer suggest such limitations (col. 1, lines 5- 
col. 4,line 27, whereas environment information regarding a computers physical location as a 
function of GPS (i.e., col. 2,lines 3-19, col. 4,lines 27-col. 5,line 22) via the LCU based 
certificate clearly uses remote source (GPS satellite transmission) to LCU (receiving said 
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transmission) and the delay in the timing signal is inherently a timing aspect caused by free 
electrons in a line of sight between the remote source and a receiver.). 

2 1 . Claim 29 additionally recites the limitation that; "A method as recited in claim 28, 
wherein the delay in the timing signal is further caused by variations in atmospheric conditions.". 
The teachings of Fischer suggest such limitations (col. 1, lines 5-col. 4,line 27, whereas for GPS 
using remote source (GPS satellite transmission) to LCU (receiving said transmission) delay in 
the timing signal is inherently a timing aspect further caused by the variations in atmospheric 
conditions.). 

22. Claim 30 additionally recites the limitation that; "A method as recited in claim 26, 
further comprising the operation of creating a decryption key based on environment information, 
wherein the decryption key can be utilized to decrypt the electronic file.". The teachings of 
Fischer suggest such limitations (col. 1, lines 5-col. 4,line 27, whereas the encryption and 
associated decryption is public key based (the encryption key certified by virtue of the certificate 
(i.e., col. 2,lines 35-65) which is certified to assure proper association of the public (i.e., 
encryption) and private (i.e., decryption) keys in public key based cryptographic functionality.). 

23. Claim 3 1 additionally recites the limitation that; "A method as recited in claim 30, 
wherein the encryption key and the decryption key are public key infrastructure (PKI) based 
keys". The teachings of Fischer suggest such limitations (col. 1, lines 5-col. 4,line 27, whereas 
the encryption and associated decryption is public key based (the encryption key certified by 
virtue of the certificate (i.e., col. 2,lines 35-65) which is certified to assure proper association of 
the public (i.e., encryption) and private (i.e., decryption) keys in public key based cryptographic 
functionality). 
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24. Claim 32 additionally recites the limitation that; "A method as recited in claim 26, 
wherein the environment information includes location information specifying a location of the 
computer within a predetermined range". The teachings of Fischer suggest such limitations (col. 
1, lines 5-col. 4,line 27, whereas environment information regarding physical location via the 
LCU based certificate aspect is such that the GPS accuracy and inherent tolerance of timing (i.e., 
col. 5,lines 9-col. 9,line 31, beacon/clock timing) errors clearly allows for the location 
information specifies a location of the computer within a predetermined range.). 

25. Claim 33 additionally recites the limitation that; "A method as recited in claim 32, 
wherein the location information is provided by global positioning satellite (GPS) data". The 
teachings of Fischer suggest such limitations (col. l,lines 5-col. 4,line 27, whereas environment 
information regarding physical location via the LCU based certificate aspect is GPS based.). 

Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S. C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

26. Claims 7-9,23,34 are rejected under 35 U.S.C 103(a) as being unpatentable over Fischer, 
U.S. Patent 5,659,617 as applied to claims 1,15,26 respectively, above, and further in view of 
Overfield, U.S. Patent 5,598,577. 
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Claim 7 additionally recites the limitation that; "A method as recited in claim 1, wherein 
the environment information includes drive information regarding a drive wherein the electronic 
file will be stored. 5 '; 

Claim 8 additionally recites the limitation that; "A method as recited in claim 7, wherein 
the drive information includes a drive identifier that identities the particular drive wherein the 
electronic file will be stored."; 

Claim 9 additionally recites the limitation that; "A method as recited in claim 7, wherein 
the drive information includes an electronic address assignment of the particular drive wherein 
the electronic file will be stored."; 

Claim 23 additionally recites the limitation that; "A method as recited in claim 15, 
wherein the environment information includes drive information regarding a drive wherein the 
electronic file will be stored."; 

Claim 34 additionally recites the limitation that; "A method as recited in claim 26, 
wherein the environment information includes drive information regarding a drive wherein the 
electronic file will be stored.". 

The teachings of Fischer suggest base claims ("A method for protecting electronic files, 
comprising: obtaining environment information regarding a computer, the environment 
information including data concerning an operating, environment of the computer. . .") 
limitations (Abstract, col. l,lines 5-col. 4,line 27, col. 5,lines 9-col. 9,line 31) without explicitly 
teaching of the use of "environment information includes drive information [including 
'electronic address assignment'] regarding a drive wherein the electronic file will be stored". 
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Overfield teaches of using; "[system software] queries a disk drive to determine its 
model. The system software checks the corresponding response string with reference to a table 
of recognized model strings (in encrypted format). If the drive's response string is recognized in 
this table, then the drive parameters can be set appropriately. [Abstract, col. 1, lines 32-col. 4,line 
45]" Such that "the corresponding response string" clearly corresponds to drive information 
(including "electronic address assignment"). 

Thus, it would have been obvious to a person of ordinary skill in the art at the time of the 
invention to have been motivated to combine the Overfield disk drive querie/response parameter 
authentication and authorization invention, to the Fischer method/system protecting electronic 
files via obtaining environment information (location certificate based) regarding a computer. 

Such motivation to combine would clearly encompass the need to allow for qualitatively 
superior authentication scenario to improve security in a disk file configured computer system, 
whereas the authentication and authorization for file access (i.e., disk drive specific via drive 
configuration) clearly is a function of said disk drive querie/response parameters, (i.e., col. 9,line 
62-col. 10,line 54). 

27. Claims 10-14,24-25,35-38 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Fischer, U.S. Patent 5,659,617 as applied to claims 1,15,26 respectively, above, and further in 
view of Schneck et al, U.S. Patent 5,933,498. 

Claim 10 additionally recites the limitation that; "A method as recited in claim 1, 
wherein the environment information includes time information specifying access duration "; 
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Claim 1 1 additionally recites the limitation that; "A method as recited in claim 10, 
wherein the access duration is a time range indicating a time period when the electronic file can 
be accessed."; 

Claim 12 additionally recites the limitation that; "A method as recited in claim 1 1, 
wherein the electronic file cannot be decrypted at a time outside the time range "; 

Claim 13 additionally recites the limitation that; "A method as recited in claim 10, 
wherein the access duration is a date range indicating a range of dates when the electronic file 
can be accessed."; 

Claim 14 additionally recites the limitation that; "A method as recited in claim 13, 
wherein the electronic file cannot be decrypted at a date outside the date range."; 

Claim 24 additionally recites the limitation that; "A method as recited it claim 15, 
wherein the environment information includes time information specifying access duration, 
wherein the access duration is a time range indicating a tine period when the electronic file can 
be accessed."; 

Claim 25 additionally recites the limitation that; "A method as recited it claim 15, 
wherein the environment information includes date information specifying access duration, 
wherein the access duration is a date range indicating dates that the electronic file can be 
accessed."; 

Claim 35 additionally recites the limitation that; "A method as recited in claim 26, 
wherein the environment information includes time information specifying access duration, 
wherein the access duration is a time range indicating a time period when the electronic file can 
be accessed."; 
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Claim 36 additionally recites the limitation that; "A method as recited in claim 35, 
wherein the electronic file cannot be decrypted at a time outside the time range."; 

Claim 37 additionally recites the limitation that; "A method as recited in claim 26, 
wherein the environment information includes date information specifying access duration, 
wherein the access duration is a date range indicating dates that the electronic file can be 
accessed."; 

Claim 38 additionally recites the limitation that; "A method as recited in claim 37, 
wherein the electronic file cannot be decrypted on a date outside the date range.". 

The teachings of Fischer suggest base claims ("A method for protecting electronic files, 
comprising: obtaining environment information regarding a computer, the environment 
information including data concerning an operating, environment of the computer. . .") 
limitations (Abstract, col. 1, lines 5-coL 4,line 27, col. 5,lines 9-col. 9,line 31) without explicitly 
teaching of the use of "time [and date] range indicating a time period [and date period] when the 
electronic file can [and can't] be accessed [decrypted]". 

Schneck et al teaches of using; "A method and device are provided for controlling access 
to data. Portions of the data are protected and rules concerning access rights to the data are 
determined. Access to the protected portions of the data is prevented, other than in a non-useable 
form; and users are provided access to the data only in accordance with the rules as enforced by a 
mechanism protected by tamper detection. A method is also provided for distributing data for 
subsequent controlled use of those data. The method includes protecting portions of the data; 
reventing access to the protected portions of the data other than in a non-useable form; 
determining rules concerning access rights to the data; protecting the rules. . . [Abstract], and 
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further; "The invention can restrict the qualities or quantities of access to data in any manner 
that can be calculated or enumerated. A non-exhaustive, representative set of examples is given 
below..." [col. 25,lines 6-col. 27,line 27]" such that "the non-exhaustive, representative set of 
examples is given below. . . [list]" clearly corresponds to "time [and date] range indicating a time 
period [and date period] when the electronic file can [and can't] be accessed [decrypted]" via the 
specific policy creation as used for the said encryption/decryption and access control 
flintionality. 

Thus, it would have been obvious to a person of ordinary skill in the art at the time of the 
invention to have been motivated to combine the Schneck et al policy based access control 
invention, to the Fischer method/system protecting electronic files via obtaining environment 
information (location certificate based) regarding a computer. 

Such motivation to combine would clearly encompass the need to allow for qualitatively 
superior authentication scenario to improve security in a disk file configured computer system, 
whereas the authentication and authorization for file access (i.e., disk drive specific via drive 
configuration) clearly is a function of said disk drive policy access time, date, etc., criteria, (i.e., 
Abstract, col. 6,line 49-col. 8,line 47, col. 25,lines 6-col. 27,line 27). 



28. Any inquiry concerning this communication or earlier communications from examiner 
should be directed to Ronald Baum, whose telephone number is (703) 305-4276. The examiner 
can normally be reached Monday through Friday from 8:00 AM to 5:30 PM. 



Conclusion 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh, can be reached at (703) 305-9648. The Fax number for the organization 
where this application is assigned is 703-872-9306. 

Ronald Baum 
Patent Examiner 
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